<?php 
include 'secure/core.php';
if(!$users->isUserLoggedIn()){ 
header('Location: login.php');
}
$file = mysql_real_escape_string($_GET['file']);
$userid = $_SESSION['userid'];
$sql = "SELECT * FROM `uploads` WHERE `uploaded_by` = '$userid' and `string` = '$file'";         
$res = $ado->exec($sql);
$row_array = mysql_fetch_assoc($res);
$destroy_file = $row_array['file_path'].$row_array['file_title'];
unlink($destroy_file);
$sql = "DELETE FROM `uploads` WHERE `uploaded_by` = '$userid' and `string` = '$file'";         
$res = $ado->exec($sql);
header( 'Location: uploads.php?msg=3' ) ;
?>